Dell Patches “ReVault” ControlVault3 Flaws Allowing Login Bypass and Persistent Malware

Security researchers from Cisco Talos have uncovered five “ReVault” vulnerabilities in Dell’s ControlVault3 firmware and Windows APIs, affecting over 100 Latitude and Precision laptop models. ControlVault3, a hardware security module storing passwords, biometric data, and security codes, is embedded on a dedicated daughterboard called the Unified Security Hub (USH). The flaws — including out-of-bounds errors, a stack overflow, unsafe deserialization, and arbitrary free issues — could be chained to achieve firmware-level code execution. Attackers with physical access could bypass Windows login, escalate privileges, or implant malware that survives OS reinstalls.

Exploits could also allow manipulation of fingerprint authentication to accept any fingerprint. Dell released driver and firmware patches between March and May, urging users to update via Windows Update or Dell’s site. Cisco Talos advises disabling unused authentication peripherals, enabling chassis intrusion detection, and turning on Windows Enhanced Sign-in Security to reduce physical attack risks.
